[Geany-Devel] using Coverity to audit the code base
Colomban Wendling
lists.ban at xxxxx
Thu Feb 26 21:55:51 UTC 2015
Le 26/02/2015 19:18, Colomban Wendling a écrit :
> […]
>
> Quoting Coverity's Scan User Agreement:
>
> "You will not publish any findings regarding or resulting from use of
> the Service or the Software;"
>
> IANAL, but this looks like we couldn't discuss an issue it found on e.g.
> this mailing list.
OK, someone gave me the argument "well but it's just to avoid security
vulnerability disclosure", but even if it was true (the UA really isn't
specific on this), as the UA is written I don't think we could *ever*
talk about *anything* we see there. Not even days after an actual bugs
was found, nor ever -- which in addition of being silly disallows
discussion on how not to reproduce it in the future.
> […]
>
> And this is the Scan User Agreement, I couldn't even find the Scan Terms
> of Use (at least not without trying to actually register myself).
Hum, I tried to register with my GitHub account just to see if I'd get a
link to these mythical Scan Terms of Use during the process, and… I
didn't have to accept *anything*, no nothing, like click and boom
"you're registered". So apparently now I do have an account there --
but I still can't find these Scan Term of Use.
Colomban
More information about the Devel
mailing list